Mark's Bookmarks

Index : Computers : Security

• Alliance Datacom
• Bjoern Stickler - Sniffers and more

• Packet Storm - a security site specializing in exploit code and security tools

• Security-Focus - BugTraq and security info
• Lance's Security Papers
• Pedastal Software (Security)
• Cybersafe Software (Security)
• NT OBJECTives (Security Log Reading Software)
• ICSA
• L0pht Heavy Industries
• OS Vulnerabilities
• Virus Hoax warnings
• NT Security - Frequently Asked Questions
• Tools From the Underground Page 1 May 29, 2000
• Tools From the Underground
• ShieldsUp! (Security, port scanner, and personal firewall info)
• NCSA
• Elcom Password Crackers
• ICAT vulnerability database - for public use

Monitoring:

• Snort - an IDS tool for Windows or Linux (and use ACID to view it along with IDSCenter to control it on Windows)
• Ethereal - Packet Sniffer for Linux, Unix, Windows
• TCPView and TDIMon - (www.sysinternals.com)
• Inzider - works fine on NT workstation, but I could not get it to work at all on two NT4 servers - it would halt after enumerating a few processes. I've heard reports that it can be flaky...
• TList and Pviewer from reskit - both will show processes, but no port info.
• NetMon - (http://www.leechsoftware.com/netmon/index.html) While this one does not id the process listening, it is a very slick gui port monitor, and is free... It's amazing how many ports listen on your average NT box that you don't know about.
• epdump - This was the *only* tool which could locate the process listening on a port without a reboot and/or installing a packet driver. Combine this function with netmon above, and you'd have a killer tool for quick analysis of a machine without a reboot.

Security Scanners:

• Retina
• Saint
• ISS

Other:

• fscan - very fast port scanner, but flaky across pptp tunnel.
• 7th sphere portscan - good all round tcp scanner
• 7th sphere portf*ck - good for flooding ports to id processes, etc.
• nmapnt - haven't tried this much yet, but looks good
• netcat - useful for finding port banners, etc

Most of the known port vulnerabilities, including known trojan ports.

Lots of interesting stuff about security. Select Exploits, then Ports for a list of ports and possible exploits.

Another list of ports with explanations

last updated: 08/11/01 20:07:45 -0500
send comments/suggestions to: webmaster@noise.org